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METHOD OF ENCODING AND DECODING DATA 
AND DEVICE FOR REALIZATION OF THE METHOD 

BACKGROUND OF THE INVENTION 

The invention relates to means for protecting data from an unauthorized 
access, and may be used in crypto-sy stems for encoding, transferring and decoding 
communications, and in other systems for protection of data. 

The prior art discloses engineering solutions providing protection of 
transmitted data by means of a special equipment or encoding software, for example, by 
using scrambler for protection of telephone conversations [1] pp. 35-37, Fig. 22. The 
scrambler operates on the principle on inversion of an audio signal. As a result of an 
inversion, a usual speech turns to a senseless gang of sounds, but the initial signal is 
accepted by the user without any distortion. The telephone set is equipped with the block 
for voice modification controlled by the encoder. The encoder stores 13122 user's codes 
providing 52488 digital combinations. The read-only memory of the set stores the resident 
software, which codes and decodes the transmitted data in several variants and controls the 
work of the whole set. 

However, this prior art solution has problems in providing a fair degree of 
secrecy, since for disclosing the confidential codes it is enough to execute a limited number 
of mathematical operations that are fast and effectively executed by the modern high-speed 
electronic engineering. 

The main characteristic of a crypto-system is the degree of secrecy. The task 
of a cryptographer is to provide the utmost secrecy and authenticity of the transferred data. 
Alternatively, a crypto-analyst "forces open", or "breaks", the crypto-system designed by a 
cryptographer. The crypto-analyst tries to decipher the set of encoded symbols and to 
deliver the encrypted communication as the plaintext. 
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Prior art discloses technical solutions for protecting the transferred data by 
using a specific device and/or encoding software. Known codes are based on two simple 
methods: substitution and interchange. Interchange uses simple mixing of plain-text 
symbols, the key of an interchange encryptor defines the specific type of mixing. The 
frequency distribution of individual symbols in the encoded text is identical to that of the 
plaintext. For substitution, each symbol of the plaintext is replaced by another symbol of 
the same alphabet, and the specific type of substitution is determined by the secret key. 

For example, the algorithm in the Data Encryption Standard (DBS) [2], p. 
33-34 uses the both methods. The algorithm comprises plaintext, unencrypted text and the 
key as binary sequences having the length 64, 64 and 56 bits, respectively. When DBS is 
used in an electronic book or table mode, the 64-bit blocks of the plaintext are encoded 
independently by using one key. The algorithm of DBS includes 16 rounds or cycles, each 
of which has simple interchanges combined with substitution in four-bit groups. In each 
pass, 48 key bits are selected in a pseudo-random maimer from the full 56-bit key. 

The problem of DBS is that this prior art solution does not provide a fair 
degree of secrecy, since for disclosure of such secret codes with possible number of 2^ 
keys combinations, substituting of all keys during a brute-force attack using modern 
computer techniques is performed in an acceptable time. Also, using the same plaintext 
and not varying the keys, produces the same encoded text. Analysis reveals the statistical 
regularity of the correlation between the plaintext and the encoded text, and may allow 
decoding the encoded text without using direct substitution of all the keys. 

A crypto-system using public keys RSA is described in [2] p. 37-39. This 
system uses a one-way function - discrete logarithms raising to a power. 

GOST P. 34.11 - 94 [3], p. 3-8 discloses hatching consisting in comparing 
an optional set of data as a sequence of binary symbols, with a short, fixed length image 
thereof. In this system 64-bit subwords are encoded using keys of 256 bit length. 
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The drawbacks of these systems are the small key length, which may permit 
decoding during acceptable time, and a slow decoding speed. These systems are practically 
stable systems. 

Theoretically stable systems have perfect secrecy. According to Shannon [4] 
p. 333-402, that means that the plaintext, and the encoded text or cryptogram, are 
statistically independent for all plaintext and cryptograms. 

A prior art Vernan crypto-system is a theoretically stable crypto-system. 
Theoretically stable systems make certain demands on a key. For a system with closed 
keys the indeterminacy of the key should not be less than the indeterminacy of the plaintext. 
In theoretically stable systems, the length of a key should be not less than the length of the 
plaintext. In the Vernan system, the key length is equal to the length of the plaintext. This 
system was used in a codenotebook [5] for transfer of one encoded text. This is the main 
drawback of a codebook because the key should be changed and delivered with every 
transfer. 

There are known crypto-sy stems using the so-called randomisers [2] p. 26 - 
27 . A randomiser is a software or a hardware device that encodes some symbols of 
plaintext with some random plurality of codes. 

Typically, this is done for providing equal frequency of the plaintext 
alphabet. Symbol frequency equalisation is required so that a crypto-analyst cannot 
organise decoding of a plaintext based on analysis of frequency characteristics of a 
cryptogram. For a random plaintext and a random selection of a code, a derandomiser 
should correctly determine the initial symbol without transfer of data from the randomiser 
location. In classical systems with a small randomising field, this task is solved by 
substituting codes belonging to the randomised symbol. Randomisers, however, do not play 
a substantial role in crypto-protectability of an encoding system, as secret keys are the main 
means of protection. 
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Under the combination of the essential features, the closest prior art object to 
the claimed method and device is disclosed in [6] , which provides a device and method of 
encoding that uses a principle of full randomizing symbols of the initial alphabet on a 
plurality of codes with potencies of large dimensionality. This prior art invention was 
selected by the inventors for the prototype of the claimed invention. 

Regarding the method for the selected prototype object, a method of 
encoding and transferring data, wherein the addressee is provided a key to the received 
conmiunications with data on regularities corresponding to the values of the conraiunication 
transmitted to him beforehand, with specific values of the initial data for the whole set of 
symbols of the said kind of data. The method further includes processing data using the 
said regularities and transferring, to the addressee, the communication containing data, 
obtained during processing data, the values of transmitted data, which depend on random 
generated numbers being calculated during processing data. The method is further 
characterized in that the addressee is provided with a set of functions Y^.-.Y^, = Yi(X) 
beforehand, where X is a variable, and each Y^ corresponds to a specific symbol of data. 
The addressee is also provided with the support function U = U (Z), where Z is a variable, 
and with the key function W = W (Y, U), where Y and U are variables accepting values of 
any of the values from the values of the said functions Yj and U. In the course of 
processing of a transmitted data for each symbol, there are generated two random numbers 
X and Z, the respective value of Y is calculated on basis of the respective function Y^ (X) 
for a specific symbol. The value of U is further calculated on basis of the support function 
U (Z). The value of W for this symbol is calculated on basis of the key function W (Y, U) 
and obtained for the symbol value of Y and the value of U from the support function, and 
the addressee is transmitted the communication containing data on the thus obtained values 
of W, X and Z for each symbol of the initial data. 

With regard to a device, the object selected for the prototype is a device for 
realizing a method of encoding and transferring data, which comprises a unit for data input, 
a set of symbols, a database on plurality of characteristic functions that transform the 
specific symbols with the communication. The database is supplied with a calculator 
connected to a generator of random numbers . The device further comprises an encoder and 
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a unit for recording and transmitting conmiunications. The encoder is connected to the set 
of symbols and calculator output. The device further comprises a unit for calculating the 
values of the support function and a unit for calculating the values of the key function. The 
generator of random numbers is supplied with two outputs joint with the encoder. The first 
output of the generator of random numbers is connected also to the input of the unit for 
calculating values of the support function, and the second output is connected to the input 
of the calculator of the database on regularities, the regularities. The output of this 
calculator is connected to the encoder through the unit for calculating values of the key 
function, and the second input of the latter is connected to the output of the unit for 
calculating values of the support function. 

However, the problem of the object selected for the prototype is that in the 
course of the encryption the length of the encrypted communication exceeds the length of 
the initial conmiunication by several times. 

SUMMARY OF THE INVENTION 

The aim of the claimed invention is providing an improved method of 
encrypting by means of obtaining several conmiunications from one initial, at least one of 
the obtained communications may be compressed up to preset sizes so that any connection 
between the initial text and the cryptogram is completely lost for a cryptoanalyst. 

As a result of the solution to the problem, there is achieved a new technical 
effect consisting of creating a new system of encrypting that ensures a high cryptostability 
system without any increase in the length of the conmiunication. The said technical effect is 
achieved as follows. 

A method of encrypting data comprises the following steps: 
• Preliminary generation of data on plurality of characteristic functions that transform 
the values of symbols of the initial communication with the specific values of the 
encrypted communication for the total set of values of the said kind of 
communications ; 
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• determination the number (n) of transformation cycles of the initial communication; 

• realization of the transformation cycle comprising: 

• generation of the feature (Rj), defining regularity used for transformation of the 
communication in the current transformation cycle; 

• transformation of the communication with use of the selected regularity; 

• repetition of transformation cycles the certain number of times; 

• transformation of the communication in each cycle being realized in a way resulting 
in forming cycle data (Cj), transformed in the said cycle and the accessory data (F) 
for the said cycle; 

• the number (n) of transformation cycles of the initial communication is selected 
from the preset criterion; 

• forming the encrypted conmiunication consisting of two parts, one of which contains 
the finally transformed data (CJ, and second one contains accessory data array (F = 

F2, Fj,}) . 

A further improvement of the method is characterized by: 

• transformation of the communication in each cycle is realized in a way resulting in 
forming cycle data (Cj) transformed in the said cycle, being of the shorter or equal 
length with the initial communication, and resulting in forming an accessory data 
(Fj) for the said cycle; 

• the number (n) of transformation cycles of the initial communication is selected 
from the preset criterion (for example, the size of the finally transformed data); 

• forming the encrypted communication consisting of two parts, one of which contains 
the finally transformed data (C J being of shorter length than the initial 
communication, and second one contains accessory data array (F = {Fj, Fj, 

Still a further improvement of the method is characterized by: 

• transformation of the communication in each cycle realized in a way resulting in 
forming cycle data (C^) transformed in the said cycle, being of shorter, equal or 
longer length with the initial communication, and resulting in forming an accessory 
data (Fj) for the said cycle; 
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• the number (n) of transformation cycles of the initial communication is selected 
from the preset criterion (for example, the size of the finally transformed data); 

• forming the encrypted communication consisting of two parts, one of which contains 
the finally transformed data (C„) being of shorter, equal or longer length than the 
initial communication, and second one contains accessory data array (F). 

A further improvement of a method is characterized by, in each or some 
cycles, the cycle data (C) transformed in the said cycle and (or) accessory data (F{) for the 
said cycle are intermixed. 

The following improvement of the method is characterized by, in each or 
some cycles of transformation, the certain part of an accessory data (Fj) for the said cycle is 
added into the transformed information in the said cycle data. The structural interpretation 
of stated ideas could be considered on an example of the claimed device. 

A device for realizing the method of encrypting data comprises: 

• an input unit;* 

• an output unit, the first input of which is connected to the second output of a 
conunutator, and the second input of which is connected to the output of an 
accessory data storage; 

• a database on the plurality of characteristic functions that transform the initial data 
with the encoded data, the first input of the said database being connected to the first 
output of the input unit and the second input - to the output of a random number 
generator; 

• a random number generator, the input of which is connected to the first output of a 
decision making unit; 

• a transformation unit, the first input of which is connected to the second output of 
the output unit, the second input - to the output of the database, and the third input 
- to the first output of the commutator; 

• a storage for transformed information, the input of which is connected to the first 
output of the transformation unit; 
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• a storage for accessory information, the first input of which is connected to the 
second output of the transformation unit, and the second input - to the second output 
of the decision making unit; 

• a decision making unit, the first input of which is connected to the third output of 
the input unit, the second input - to the first output of the storage for transformed 
communication; information; 

• a commutator, the first input of which is connected to the second output of the 
storage for transformed information, and the second input - to the second output of 
the making decision unit. 



Another method of decoding encrypted data comprises the following steps: 

• preliminary generating data on plurality of characteristic functions that transform 
values of all encoded symbols that may be used in the said kind of data with initial 
symbols, which are identical to the regularities used at encoding; 

• extracting, firom the encoded communication, of the data (R^), defining the 
regularity which is used in the current transformation cycles and connects the values 
of the encoded communications with the concrete symbols of the transformed data 
of the current transformation cycle; 

• selecting the regularity connecting the values of the encoded conmiunications with 
the concrete symbols of the transformed data of the current transformation cycle; 

• extracting from an accessory data array (F) the accessory data (F) for the said 
transformation cycle; 

• transforming the cycle data (C) using the selected regularity and the accessory data 
(Fj) for the said transformation cycle; 

• making decision on switching to the next cycle or termination of the transformation; 

• the accessory data (Fj) for the said transformation cycle being isolated from the 
accessory data array (F); 

• recovering the cycle data (Ci), which is transformed in the respective cycle, by 
using the selected regularity and the accessory data (Fj) for the said transformation 
cycle; 

• making decision on switching to the next cycle or termination of the transformation; 
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• using additionally in each transformation cycle a respective part of the accessory 
data, as a result of transforming with the use of the selected regularity there is 
formed the data recovered in the respective cycle. 

A further improvement of the method is characterized by : 

• in each transformation cycle there is additionally used a respective part of the 
accessory data and as a result of the transformation with use of the selected 
regularity there is formed a recovered information in the corresponding cycle 
communication, the length of which is larger or equal to the length of the 
communication, resulting from transforming in the previous cycle. 

The following improvement of a method is further characterized by the 
additional use of a respective part of the accessory data in each transformation cycle. As a 
result of transformation with use of the selected regularity, there is formed recovered 
information in the respective cycle communication. The length of the recovered 
information is larger than, equal to or smaller than the length of the communication 
resulting from transforming in the previous cycle. 

One more improvement of the method is characterized in that the respective 
cycle data (Cj) and/or the accessory data (Fj) for the respective cycle is preliminary 
unmixed in each cycle or in some cycles. 

A device for realizing the method decoding of the communication comprises: 

• an input unit 10; 

• an output unit 15; 

• a database on the plurality of characteristic functions that transform the encoded data 
with the initial data (2); 

• a transformation unit (12); 

• a storage for transformed information (14); 

• a storage for accessory information (13); 

• a making decision unit (11); 

• a commutator (8) ; 

• the first input of the storage for accessory information (13) being connected with 
first output of the input unit (10) and the second input of the accessory data storage 
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for accessory information (13) being connected with first output a making decision 
unit (11); the first input of database (2) is connected to the second output of the of 
the input unit (10), and the second input ~ to the first output of the storage for 
accessory information (13); the first input of the storage for transformed information 
is connected to the third output of the input unit, the second - to the output of the 
transformation unit; and the third - to the first output of the making decision unit, 
the first input of the transformation unit is connected to the second output of the 
storage for accessory information, and the second input to the output of the 
database, the third to the first output of the storage for transformed information, the 
second - to the fourth output of the input unit; the first input of the commutator is 
connected to the second output of the making decision unit, and the second - to the 
second output of the making decision unit; the output unit is connected to the second 
commutator output. 

With the first output (exit) of the commutator, the first input (entrance) of 
the decision making unit is connected to the first output (exit) of the storage for transformed 
information, and second — with the fourth output (exit) of the input unit; the first input 
(entrance) of the commutator is connected to the second output (exit) of the decision making 
unit, and second — with the second output (exit) of the storage for transformed 
information; the output unit is connected to the second output (exit) of the commutator. 

A distinctive feature of the new method can be illustrated by the following 
example. Symbols of the initial alphabet A {al, a2, an} being such, that the binary 
representation of each symbol has the identical length for the whole alphabet A, are 
substituted with symbols of the alphabet Bi {bli, b2i, bni} being such, that the binary 
representation of each symbol may have a various length, the process of such replacement 
is iterative, i.e. at each i-step for the initial communication there is used a result of the 
substitution obtained at the i-lstep. At each i-step there is used its own substitution 
alphabet Bi, produced with the help of the function Y^, selected by a casual mode from a 
plurality of functions transferred to the addressee beforehand, and at each i-step there is 
produced the accessory data Fj used for restoring the initial communication. As an 
additional measure of protecting from cryptanalysis, on each step or on some steps there 
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may be performed intermixing of the conmiunication resulting from the transformation. In 
an outcome of such transformation there is produced a finally transformed data (C„), the 
length of which may not be less than the length of one symbol of the alphabet Bn, used at 
the last step of transformation. 
Such systems have uncommon properties: 

• as a result of transformation of the initial communication there are produced at least 
two output communications (the finally transformed data {CJ and the accessory data 
array (F), each of which separately does not make any sense from the point of view 
of restoring the initial communication and may be transmitted through a separate 
data link; 

• generally, the length of the transformed communication may have the length of one 
symbol of the substitution alphabet, for example, if the initial communication has 
the byte representation, the transformed conmiunication may have the one byte 
length, regardless of the length and kind of the initial communication; 

• at multiple encoding one and the same initial communication, the transformed 
communication will be various, thereby eliminating a problem of the closed channel 
for the key data transfer; 

• the modification of any symbol in the transformed communication or accessory data 
brings about the impossibility of restoring the initial communication. 

The transformation functions (Y) may be preset in the form of a table. For 
example, in case of representing the initial communication as N-bit binary sequences and 
transformation of compression of the function (Yj), can be preset as a set of 2^ triples — 
{(ak, bik, fik)}, where ak is an N-bit initial code, h^^ is a transformed bit code of a variable 
length not greater N, and only two values of {bik} have the length of N bit, fik is the data on 
the length of the respective b^k in bits. At such representation there exists such submission 
(2^)! (2^ - 1)(2^ - 2) of various possible functions of transformation, such that 

^ L-f^ = min L,.^ , where L^k is the length of bik bits. At N = 8 there is present -256! 
1=1 

*254*255 10^'^ of various transformation functions (Y). In this case two values of h,^ have 
the one bit length, four values of b^k have the two bit length, eight values of b^k have the 
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three bit length, sixteen values of bi^ have the four bit length, a thirty-two values of bj^ have 
the five bit length, sixty-four values of bj^ have the six bit length, one hundred twenty-eight 
values of b^^ have the seven bit length and two values of bi^ have the eight bit length. 

Then for an arbitrary function the average length of the transformed 
communication X will be equal: 



and the average length of an accessory data: 



2N+^n2''-" 
L(/^.(X,1^))= L(X) ^ 



thus, the average compression ratio at one step of transformation will have the values: 



L(F(X Y)) '^^^'^ 
K„ ■ — — w , for the transformed communication 



K = = t; , for the accessory data. 



In particular, for N = 8 we have: K^„= 777/ 1024 0.758 Kfl„,= 255/ 1024 
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At performing transformation M cycles the anticipated average length of the 
transformed communication will be: 



core 



and of the accessory data - 



M-l 



KZ.. - 1 



core 



m=0 



Accordingly, at performing 10 transformation cycles the average length of 
the transformed conmiunication at of N = 8 will make approximately 0.067 of the length of 
the initial communication, and length of the accessory data — 0.97 of the length of the 
initial communication. The general length will make approxunately 1.037 of the initial 
length, and for 100 transformation cycles — 10^^ and 1.04 accordingly. 



If at each transformation cycle a S byte of the accessory data is added to the 
transformed communication, then average length of the transformed communication will 
be: 



M 



L(C(X)) = kZmx)+ kZ. = K^lMX)+ s 



m-0 



^core " 1 



And length of an accessory data will make: 



M 



LiFiX)) = X ^ 



Jlags 



( 



K 



( 



flags 



L(X)(i-^:,l) + s 



M- 



core 



'^core ~ ^ 
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The construction of the claimed device may be realized in various variants realizing the 
claimed method of encoding data by using the known hardware. All these variants expand 
technological possibilities of using of the invention. 

The main problem of the prototype method is eliminated thereby, i.e. 
essential increase of the sizes of the encrypted communication in a comparison with the 
initial one. The disclosed distinctive features of the claimed invention, in a comparison with 
known engineering solutions, allow designing a device of encoding data providing 
statistical independence of the encrypted text and the open text, i.e. having properties of the 
theoretically stable of proof system of cryptography, and not by recurrence of the encrypted 
communication at repeated encoding of one and the same communication at constant keys. 

DETAILED DESCRIPTION 

Fig. 1 shows a diagram of a device for realizing a claimed method of 
encoding data. Through an input unit, a database enters pre- generated data on plurality of 
characteristic functions that transform values of symbols of the initial communication with 
specific symbols of the encrypted conmiunication for the whole set of symbols of the said 
kind of the communications. In the course of processing the encrypted data, the input of a 
making decision unit (3) enters the data on the number (n) of transformation cycles of the 
initial communication. Before the beginning of the current transformation cycle, the 
making decision unit (3) transmits a control signal to the random number generator(5), 
which generates a random number (R^), transmits it to the database (2) and through the 
latter to a transformation unit. In accordance with the value of Rj from the database (2), 
there is selected the transformation function of YR^ which enters the transformation unit 
(4). The transformation unit (4) calculates the values of (Ci,Fi) - YR^ (Xj, Rj). The value of 
Ci enters the input of a storage for transformed information (6) from outputs of the 
transformation unit (4) and the value of enters the input of the storage for accessory 
information (7) . The storage for transformed information (6) transmits a signal on 
termination of the current cycle of transformation to the making decision unit (3). The 
making decision unit (3) makes a decision on fulfillment of the next transformation cycle or 
on terminating the process of transformation. In the case of terminating the process of 
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transformation, the finally transformed data (C„) is transmitted through the commutator (8) 
and the accessory data array (F = {Fj, Fj, FJ) from the storage for accessory 
information (7) enters an output unit (9). Otherwise, the cycle data (Cj) through the 
commutator (8) enters the transformation unit (4) for fulfillment the next cycle of 
transformation. 

Fig. 2 shows the diagram of a device for realizing a claimed method of 
decoding data. Through the input unit (10) into the database (2) come the previously 
generated data on plurality of characteristic functions that transform values of symbols of 
the initial communication with special symbols of the encrypted communication for the 
whole set of symbols of the said kind of the communications, which are identical to the 
regularities used at encoding. In the course of restoring the transformed conmiunication 
through the input unit (10) enters the following data: at the input of a decision making unit 
(11), - data on the number (n) of transformation cycles of the deencrypted communication; 
at a storage for accessory information (13) - the accessory data; at a storage for transformed 
information (14) - the transformed communication. Before the beginning of the current 
cycle of restoring at the signal of the decision making unit (11) the storage for accessory 
information (13) yields accessory data (F^) into a transformation unit (12) and the value of 
Ri - into the database (2), in accordance with which is selected the function of 
transformation of YR^ that arrives at the transformation unit (12). The storage for 
transformed information (14) yields through the commutator (8) cycle data (C) into the 
transformation unit (12). The transformation unit (12) calculates the values of (X^), YRj 
(Cj, Fj). From the output of the transformation unit (12) the restored conmiunication (Xj) 
arrives into the storage for transformed information (14). At completion of accumulation 
of the restored communication (Xj), the storage for transformed information (14) sends a 
signal on termination of the current cycle of restoring into the decision making unit (11). 
In case of decision-making on the termination of process of transformation, the restored 
communication (X^) through the commutator (8) arrives at an output unit (15). Otherwise, 
from the output of the decision-making unit (11) at the input of the storage for accessory 
information (13) arrives the signal on yielding of the next portion of the accessory data (Fp 
R) and the restored communication arrives through the conraiutator (8) at the 
transformation unit (12) for fulfillment of the next cycle of restoring. 
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